1.———— is summary data collected from packet headers and network devices that illustrates connection, traffic, protocol and other patterns.2.A is a formal description of message formats and the rules for exchanging those messages3.Results from a port scan would likely benefit an attacker (select all that apply)during the Attack & Exploitation phaseduring the Device Discovery & Service Enumeration phaseexfiltrate data from the target environmentwhen attempting to identify a specific device type (database, web server, etc.)4Why should a defender monitor for the release of new metasploit modules, new attacker tools, techniques, etc? How can a defender make this information ‘actionable’ in a manner that will reduce overall risk of compromise?5What are four qualities of an Information Security Monitoring program. Hint, ‘contributes to a growing knowledge base’ is one…6Describe the concepts of Defense in Depth and Detection in Depth. Compare and contrast. What’s different? What’s similar? Make sure you describe both concepts in full sentences and discuss the differences and similarities thoroughly.) 7What is multi-factor authentication? Identify each component and provide an example.8Successfully defending or attacking a target network, application, or device can often require a good deal of technical skill and experience. Why and how does malware and tools such as Metasploit upset this balance? Consider both please. 9Define and describe each phase in the defender’s methodology, provide examples. 10How would the ‘principle of least privilege’ apply when setting up a user account for a new employee?11‘ ]is likely a cross reference reflection attack’ ]is likely a cross site scripting attack’ ]is likely a cross request forgery attack’ ]is likely a cross buffer overflow attack12www.exploit-db.com is ‘the ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike.’ What category of security relevant data would you categorize this resource as and why? What value does it provide to a network defender?